@ -39,10 +39,14 @@ pub async fn main(state: server::state::ServerState, cfg: settings::Settings) ->
. and ( warp ::header ( "X-Forwarded-For" ) )
. and ( warp ::header ( "X-Forwarded-For" ) )
. map ( source ::extract ( cfg . trust_x_forwarded_for ) )
. map ( source ::extract ( cfg . trust_x_forwarded_for ) )
. and_then ( | req : Result < std ::net ::IpAddr , _ > | async move { req . map_err ( warp ::reject ::custom ) } ) ;
. and_then ( | req : Result < std ::net ::IpAddr , _ > | async move { req . map_err ( warp ::reject ::custom ) } ) ;
// /auth/req - Request an auth ID and information about how to respond (data to sign / password salt / what is supported, etc)
// /auth/resp/<req_id>/pw/<passwd hash> - Respond to an auth ID with a hashed password, salted with the salt obtained from the req call.
// /auth/resp/<req_id>/si[/<num of sigs in body>] - Respond to an auth ID with one or more signatures of the data to be signed obtained in the auth request. If no number is provided, 1 is assumed.
let auth = {
let auth = {
let req = warp ::path ( "req" )
let req = warp ::path ( "req" )
. and ( client_ip . clone ( ) ) . and ( state . clone ( ) ) ; //TODO
. and ( client_ip . clone ( ) ) . and ( state . clone ( ) )
. and_then ( auth ::auth_req ) ;
let resp = {
let resp = {
let resp_auth_with_state = warp ::post ( )
let resp_auth_with_state = warp ::post ( )
@ -51,7 +55,9 @@ pub async fn main(state: server::state::ServerState, cfg: settings::Settings) ->
let resp_auth_key = resp_auth_with_state . clone ( )
let resp_auth_key = resp_auth_with_state . clone ( )
. and ( warp ::path ( "si" )
. and ( warp ::path ( "si" )
. and ( warp ::path ::param ( ) . map ( | num : usize | std ::cmp ::max ( 1 , num ) )
. and ( warp ::path ::param ( ) . map ( | num : usize | std ::cmp ::min ( std ::cmp ::max ( 1 ,
num ) ,
cfg . max_key_sigs_per_auth_response ) )
. or ( warp ::path ::end ( ) . map ( | | 1 usize ) ) . unify ( ) ) )
. or ( warp ::path ::end ( ) . map ( | | 1 usize ) ) . unify ( ) ) )
. and ( warp ::body ::content_length_limit ( cfg . max_body_len . 0 ) )
. and ( warp ::body ::content_length_limit ( cfg . max_body_len . 0 ) )
. and ( warp ::body ::bytes ( ) )
. and ( warp ::body ::bytes ( ) )
@ -59,21 +65,29 @@ pub async fn main(state: server::state::ServerState, cfg: settings::Settings) ->
// -- Paths --
// -- Paths --
let resp_auth_pass = resp_auth_with_state
let resp_auth_pass = {
. and ( warp ::path ::param ( ) . map ( | hash : auth ::Sha256Hash | hash . 0 ) )
let pw_path = resp_auth_with_state
. and_then ( auth ::auth_pass ) ;
. and ( warp ::path ( "pw" ) ) ;
if cfg . allow_passwd_auth {
pw_path . and ( warp ::path ::param ( ) . map ( | hash : auth ::Sha256Hash | hash . 0 ) )
. and ( warp ::path ::end ( ) )
. and_then ( auth ::auth_pass ) . boxed ( )
} else {
pw_path . and_then ( | _addr , _state , _hash | async move { Err ( warp ::reject ::reject ( ) ) } ) . boxed ( )
}
} ;
let resp = warp ::path ( "resp" )
let resp = warp ::path ( "resp" )
. and ( resp_auth_key
. and ( resp_auth_key
. or ( resp_auth_pass ) ) ;
. or ( resp_auth_pass ) ) ;
// /resp/<req_id>/pw/<passwd hash>
// /resp/<req_id>/pw/<passwd hash>
// /resp/<req_id>/si[/<num of sigs in body>]
// /resp/<req_id>/si[/<num of sigs in body>]
resp
resp
} ;
} ;
warp ::path ( "auth" ) . and ( req )
warp ::path ( "auth" ) . and ( req .or ( resp ) )
} ;
} ;
todo! ( )
todo! ( )